@RISK Newsletter for June 11, 2015

The consensus security vulnerability alert.

Vol. 15, Num. 23

This is a weekly newsletter that provides in-depth analysis of the latest vulnerabilities with straightforward remediation advice. Qualys supplies a large part of the newly-discovered vulnerability content used in this newsletter.

CONTENTS:

TOP VULNERABILITY THIS WEEK: Firmware Bug in Apple Mac Products Could Allow Installation of Low-Level Malware

NOTABLE RECENT SECURITY ISSUES SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Vulnerability in Mac Firmware Could Allow Installation of Low-Level Malware
Description: Researchers have disclosed a vulnerability within the Mac firmware found on certain Apple products that could allow malware to overwrite parts of the BIOS and install a low-level rootkit. This vulnerability only impacts Macs purchased before mid-2014 and requires the Mac to have gone to sleep and woken up. Apple has not released any updated firmware addressing this vulnerability in affected Macs.
Reference: https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/

Title: Multiple Vulnerabilities Within Several D-Link Products Disclosed
Description: A large number of vulnerabilities within several D-Link products have been disclosed by researchers at Search-Lab. The vulnerabilities could allow an attacker to perform authentication bypass, command injection, and arbitrary file upload attacks on affected devices. D-Link devices that are known to contain the vulnerabilities are D-Link DNS-320, 320L, 326, 327L, 320B, 345, 325, and 322L. D-Link has acknowledged the vulnerabilities and has released software updates to address the issues.
Reference: http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf
Snort SID: Detection pending

Title: CVE-2015-1835 - Trend Micro Discloses Apache Cordova Vulnerability that Allows One-Click Modification of Android Apps
Description: Trend Micro has disclosed that Apache Cordova contains a vulnerability (CVE-2015-1835) that could allow “attackers to modify the behavior of [Android] apps just by clicking a URL.” The extent of this vulnerability could allow modifications to apps that can cause a nuisance for app users or crash the app entirely. Cordova versions 4.0.1 and prior are affected. Apache has released an update to address the issue and Android app developers are urged to update their Cordova framework within their apps, rebuild, and re-release updated apps.
Reference: http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/
Snort SID: Detection pending

RECENT VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE COMPILED BY THE QUALYS VULNERABILITY RESEARCH TEAM

This is a list of recent vulnerabilities for which exploits are available. System administrators can use this list to help in prioritization of their remediation activities. The Qualys Vulnerability Research Team compiles this information based on various exploit frameworks, exploit databases, exploit kits and monitoring of internet activity.